Please Evaluate

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

It's got a few notable deficiencies, most noticeable is that the login isn't persistent :blush: Hopefully the code is self-explanatory. I am not using JavaScript hashing to prevent cleartext password sniffing yet. Returns true on success and false on failure.

Please evaluate for security and extensibility. It's not that long I hope. 8)

Code:

function login() {
    $TWP_GLOBAL =& TWP_Global::instance();
    $DB =& $TWP_GLOBAL->registryGet('adodb');   // ADOdb connection from the registry
    $USERNAME = isset($_POST['twp_user']) ? arep($_POST['twp_user']) : '';
    $PASSWORD = isset($_POST['twp_pass']) ? $_POST['twp_pass'] : '';
    if (!($USERNAME && $PASSWORD)) {
        return false;
    }
    $t_user = $TWP_GLOBAL->tablesGet('user');
    // Parameterised query: the username is bound, not interpolated into the SQL
    $result = $DB->Execute("
        SELECT `user_rights`, `user_passhash`, `user_salt`
        FROM `$t_user`
        WHERE user_name = ?
        ", array($USERNAME));
    // Execute() returns false on a query error, but a recordset with EOF set
    // when no row matched; both cases must count as a failed login
    if (!$result || $result->EOF) {
        return false;
    }
    $salt = $result->fields['user_salt'];
    $passhash = $result->fields['user_passhash'];
    // Stored hash is SHA-256 over "<salt>-<password>"
    $expect = SHA256::hash( $salt . '-' . $PASSWORD );
    if ($expect !== $passhash) {
        return false;
    }
    return true;
}
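An added example, not the posted code or the TWP project's: the same username/password check written against PDO with an in-memory SQLite table (a constructed fixture standing in for the ADOdb registry entry), with the two things a reviewer on this board would ask for: an explicit empty-result check and a constant-time hash comparison. It assumes the stored hash is the hex SHA-256 of `salt-password`, as the post's `SHA256::hash()` call implies; the poster's `arep()` filter is not reproduced.

```php
<?php
// Added example (not the poster's code). Assumed schema: table `user` with
// user_name, user_passhash, user_salt, user_rights; hashes are hex SHA-256 of
// "<salt>-<password>", matching the scheme in the posted login().

function open_demo_db(): PDO {
    // Constructed in-memory fixture standing in for the ADOdb connection.
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE user (
        user_name     TEXT PRIMARY KEY,
        user_passhash TEXT NOT NULL,
        user_salt     TEXT NOT NULL,
        user_rights   INTEGER NOT NULL DEFAULT 0)');
    $salt = bin2hex(random_bytes(16));
    $stmt = $db->prepare('INSERT INTO user VALUES (?, ?, ?, ?)');
    $stmt->execute(['alice', hash('sha256', $salt . '-' . 'correct horse'), $salt, 1]);
    return $db;
}

/**
 * Verify a login. Returns the user's rights on success, null on failure.
 * Every failure path (missing field, unknown user, wrong password) returns the
 * same value, so the caller cannot tell which one occurred.
 */
function verify_login(PDO $db, string $username, string $password): ?int {
    if ($username === '' || $password === '') {
        return null;
    }
    // Bound parameter, as in the post: the username never reaches the SQL text.
    $stmt = $db->prepare(
        'SELECT user_rights, user_passhash, user_salt FROM user WHERE user_name = ?'
    );
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        // No such user. ADOdb's Execute() likewise returns a recordset (with EOF set)
        // rather than false here, so the posted `if (!$result)` does not catch this
        // case; an explicit empty-result check does.
        return null;
    }
    $expect = hash('sha256', $row['user_salt'] . '-' . $password);
    // hash_equals() compares in constant time; `!==` stops at the first differing byte.
    if (!hash_equals($row['user_passhash'], $expect)) {
        return null;
    }
    return (int) $row['user_rights'];
}

$db = open_demo_db();
var_dump(verify_login($db, 'alice', 'correct horse'));
var_dump(verify_login($db, 'alice', 'wrong password'));
var_dump(verify_login($db, 'mallory', 'anything'));
```

Returning the rights value (or null) rather than a bare true/false lets the caller establish the session from the same lookup instead of querying a second time after the check.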